Bitrefill disclosed that it suffered a cyberattack earlier this month, suspected to be carried out by the North Korean hacker group Lazarus Group.

CoinFeed reported on March 18 that, according to The Block, cryptocurrency e-commerce and gift card company Bitrefill disclosed that it suffered a cyberattack on March 1, suspected to be carried out by the North Korean-backed hacking group Lazarus Group. The attack stemmed from the compromise of an employee's laptop, where hackers stole funds from a hot wallet and made suspicious purchases from its suppliers. The attackers also compromised Bitrefill's broader infrastructure, including parts of its database and certain cryptocurrency wallets, resulting in access to approximately 18,500 purchase records involving limited customer information such as email addresses, encrypted payment addresses, and IP addresses. Approximately 1,000 of these records exposed the encrypted customer names, and the company has contacted the individuals involved.